Le lundi 09 avril 2007 à 14:40 -0700, Justin Patrin a écrit : > On 4/9/07, Benoît Dejean <[EMAIL PROTECTED]> wrote:
> > > > > If you do it using ssh-add (which is > > > a command-line program) then it's going to ask on the command-line. > > > > No. Graphical GTK+. > > ssh-add -l pops up graphical prompt on first use. > > No, ssh-add is not popping up a graphical prompt. gnome-keyring is. > There's a chain of processes here at work. > * ssh-add -l is asking for a list of keys from the agent > * ssh-agent looks for its list of keys (Do you think i should fill a bug against ssh-agent because it tries to unlock my keys just to list them ?) > * seahorse-agent notices that you want to look at the key and asks > gnome-keyring for the password to decrypt it so that it can be added > to the agent > * gnome-password asks for your master passphrase to unlock your key > passphrase (or just asks for your passphrase for the key depending on > how you have it set up) > > Then back the other way > > * gnome-password passes the passphrase back to seahorse-agent > * seahorse-agent uses the passphrase to decrypt your key and pass it > to ssh-agent > * ssh-agent adds the key to its in-memory keystore and passes the list > of keys to ssh-add > * ssh-add lists your keys > > Or something close to that anyway. mtn uses ssh-agent, not > gnome-keychain or seahorse-agent so it asks for the passphrase itself. Hum OK. Somthing is really inconsistent here because "ssh-add -l" uses a graphical prompt where "ssh-add key" doesn't. Or maybe i don't understand. I have to reread this thread. > > > > > Are you using seahorse for ssh-agent integration or something else? > > > > yes, seahorse-agent. GNOME 2.16 on Debian SID. > > > > > > One thing i don't understand : if i export my key ssh_agent_export, it > > tries to change the password. Why ? > > We figure that most people are using the get_passphrase hook right > now. It would be a good idea to change your key passphrase when you > export it since your passphrase was previously in plaintext on your > hard drive. OK. What about adding messages to explain that ? Because it actually exports the key to ssh format with a new password. But the keystore key's password is unchanged if i'm right. mtn [EMAIL PROTECTED] ssh_agent_export mtn.key <It would be a good idea to change your key passphrase when you export it since your passphrase was previously in plaintext on your hard drive.> <Enter a new passphrase for the exported key>. enter passphrase for key ID [EMAIL PROTECTED]: enter new passphrase for key ID [EMAIL PROTECTED]: confirm passphrase for key ID [EMAIL PROTECTED]: Oh, and it looks like there is a little ~bug. I couldn't find the exported key. I figured that mtn was changing dir to .. because there it could found a _MTN dir. I ran "mtn [EMAIL PROTECTED] ssh_agent_export mtn.key" in "/tmp/mtn" and the output key was "/tmp/mtn.key" where i expected "./mtn.key" stat64("/tmp/mtn/_MTN", 0x7fea8af8) = -1 ENOENT (No such file or directory) stat64("/tmp/_MTN", {st_mode=S_IFDIR|0700, st_size=144, ...}) = 0 stat64("/tmp/_MTN", {st_mode=S_IFDIR|0700, st_size=144, ...}) = 0 stat64("/tmp/_MTN", {st_mode=S_IFDIR|0700, st_size=144, ...}) = 0 stat64("/tmp/_MTN", {st_mode=S_IFDIR|0700, st_size=144, ...}) = 0 stat64("/tmp/_MTN/..", {st_mode=S_IFDIR|S_ISVTX|0777, st_size=1016, ...}) = 0 chdir("/tmp") ... open("mtn.key", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = 4 I have tried to import my mtn.key in seahorse but the key fails to load "file:///home/monotone/mtn_benoit 0x7f7f7f7flacenet.org.key: Invalid file format" -- Benoît Dejean GNOME http://www.gnomefr.org/ LibGTop http://directory.fsf.org/libgtop.html
signature.asc
Description: Ceci est une partie de message numériquement signée
_______________________________________________ Monotone-devel mailing list Monotone-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/monotone-devel